NetTalk Central
NetTalk Web Server => Web Server - Ask For Help => Topic started by: rupertvz on April 21, 2021, 02:36:45 AM
-
Hi Bruce,
We've run a security and vulnerability scan for a client on their web application.
The only problem we picked up was a finding on "Strict-Transport-Security / Missing Header"
How can we pass this security check?
-
Hi rupertvz:
What version of NetTalk you have installed? I think that was addressed in recent version as far as I recall
-
Thank you, I am using 11.45
-
Thank you, I am using 11.45
I think in that version of NetTalk, the server settings tab template is included. If implemented, you are gonna see something like the screenshot included in this post.
If not, I think another way to implement the Strict-Transport-Security is with this, near the embed
s_web._SitesQueue.Defaults.StrictTransportSecurity = 'Strict-Transport-Security: max-age=31536000;'
More examples how to set it here
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security